{"id":"https://openalex.org/W2748192987","doi":"https://doi.org/10.1109/giots.2017.8016273","title":"Improving Internet of Things device certification with policy-based management","display_name":"Improving Internet of Things device certification with policy-based management","publication_year":2017,"publication_date":"2017-06-01","ids":{"openalex":"https://openalex.org/W2748192987","doi":"https://doi.org/10.1109/giots.2017.8016273","mag":"2748192987"},"language":"en","primary_location":{"id":"doi:10.1109/giots.2017.8016273","is_oa":false,"landing_page_url":"https://doi.org/10.1109/giots.2017.8016273","pdf_url":null,"source":null,"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"2017 Global Internet of Things Summit (GIoTS)","raw_type":"proceedings-article"},"type":"article","indexed_in":["crossref"],"open_access":{"is_oa":false,"oa_status":"closed","oa_url":null,"any_repository_has_fulltext":false},"authorships":[{"author_position":"first","author":{"id":"https://openalex.org/A5084435647","display_name":"Ricardo Neisse","orcid":null},"institutions":[{"id":"https://openalex.org/I4210118689","display_name":"Joint Research Centre","ror":"https://ror.org/02qezmz13","country_code":"IT","type":"government","lineage":["https://openalex.org/I1320481043","https://openalex.org/I2800387288","https://openalex.org/I4210118689","https://openalex.org/I4210161702"]}],"countries":["IT"],"is_corresponding":true,"raw_author_name":"Ricardo Neisse","raw_affiliation_strings":["European Commission - Joint Research Centre, Ispra, Italy"],"affiliations":[{"raw_affiliation_string":"European Commission - Joint Research Centre, Ispra, Italy","institution_ids":["https://openalex.org/I4210118689"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5006463391","display_name":"Gianmarco Baldini","orcid":"https://orcid.org/0000-0003-4830-1227"},"institutions":[{"id":"https://openalex.org/I4210118689","display_name":"Joint Research Centre","ror":"https://ror.org/02qezmz13","country_code":"IT","type":"government","lineage":["https://openalex.org/I1320481043","https://openalex.org/I2800387288","https://openalex.org/I4210118689","https://openalex.org/I4210161702"]}],"countries":["IT"],"is_corresponding":false,"raw_author_name":"Gianmarco Baldini","raw_affiliation_strings":["European Commission - Joint Research Centre, Ispra, Italy"],"affiliations":[{"raw_affiliation_string":"European Commission - Joint Research Centre, Ispra, Italy","institution_ids":["https://openalex.org/I4210118689"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5001320617","display_name":"Gary Steri","orcid":"https://orcid.org/0000-0001-7698-1771"},"institutions":[{"id":"https://openalex.org/I4210118689","display_name":"Joint Research Centre","ror":"https://ror.org/02qezmz13","country_code":"IT","type":"government","lineage":["https://openalex.org/I1320481043","https://openalex.org/I2800387288","https://openalex.org/I4210118689","https://openalex.org/I4210161702"]}],"countries":["IT"],"is_corresponding":false,"raw_author_name":"Gary Steri","raw_affiliation_strings":["European Commission - Joint Research Centre, Ispra, Italy"],"affiliations":[{"raw_affiliation_string":"European Commission - Joint Research Centre, Ispra, Italy","institution_ids":["https://openalex.org/I4210118689"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5053061349","display_name":"Abbas Ahmad","orcid":"https://orcid.org/0000-0002-5923-1271"},"institutions":[],"countries":[],"is_corresponding":false,"raw_author_name":"Abbas Ahmad","raw_affiliation_strings":["DISC, University of Bourgogne Franche-Comte, Besancon, France"],"affiliations":[{"raw_affiliation_string":"DISC, University of Bourgogne Franche-Comte, Besancon, France","institution_ids":[]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5023551842","display_name":"Elizabeta Fourneret","orcid":null},"institutions":[{"id":"https://openalex.org/I4210107593","display_name":"Smartesting (France)","ror":"https://ror.org/01x1nsf94","country_code":"FR","type":"company","lineage":["https://openalex.org/I4210107593"]}],"countries":["FR"],"is_corresponding":false,"raw_author_name":"Elizabeta Fourneret","raw_affiliation_strings":["Smartesting Solutions & Services, Besan\u00e7on, France"],"affiliations":[{"raw_affiliation_string":"Smartesting Solutions & Services, Besan\u00e7on, France","institution_ids":["https://openalex.org/I4210107593"]}]},{"author_position":"last","author":{"id":"https://openalex.org/A5082306957","display_name":"Bruno Legeard","orcid":"https://orcid.org/0000-0003-4986-7097"},"institutions":[],"countries":[],"is_corresponding":false,"raw_author_name":"Bruno Legeard","raw_affiliation_strings":["DISC, University of Bourgogne Franche-Comte, Besancon, France"],"affiliations":[{"raw_affiliation_string":"DISC, University of Bourgogne Franche-Comte, Besancon, France","institution_ids":[]}]}],"institutions":[],"countries_distinct_count":2,"institutions_distinct_count":6,"corresponding_author_ids":["https://openalex.org/A5084435647"],"corresponding_institution_ids":["https://openalex.org/I4210118689"],"apc_list":null,"apc_paid":null,"fwci":2.9826,"has_fulltext":false,"cited_by_count":10,"citation_normalized_percentile":{"value":0.92855581,"is_in_top_1_percent":false,"is_in_top_10_percent":true},"cited_by_percentile_year":{"min":89,"max":96},"biblio":{"volume":null,"issue":null,"first_page":"1","last_page":"6"},"is_retracted":false,"is_paratext":false,"is_xpac":false,"primary_topic":{"id":"https://openalex.org/T10927","display_name":"Access Control and Trust","score":0.9998000264167786,"subfield":{"id":"https://openalex.org/subfields/3312","display_name":"Sociology and Political Science"},"field":{"id":"https://openalex.org/fields/33","display_name":"Social Sciences"},"domain":{"id":"https://openalex.org/domains/2","display_name":"Social Sciences"}},"topics":[{"id":"https://openalex.org/T10927","display_name":"Access Control and Trust","score":0.9998000264167786,"subfield":{"id":"https://openalex.org/subfields/3312","display_name":"Sociology and Political Science"},"field":{"id":"https://openalex.org/fields/33","display_name":"Social Sciences"},"domain":{"id":"https://openalex.org/domains/2","display_name":"Social Sciences"}},{"id":"https://openalex.org/T10400","display_name":"Network Security and Intrusion Detection","score":0.9980000257492065,"subfield":{"id":"https://openalex.org/subfields/1705","display_name":"Computer Networks and Communications"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T11241","display_name":"Advanced Malware Detection Techniques","score":0.9972000122070312,"subfield":{"id":"https://openalex.org/subfields/1711","display_name":"Signal Processing"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}}],"keywords":[{"id":"https://openalex.org/keywords/certification","display_name":"Certification","score":0.806495189666748},{"id":"https://openalex.org/keywords/computer-security","display_name":"Computer security","score":0.7980761528015137},{"id":"https://openalex.org/keywords/botnet","display_name":"Botnet","score":0.7453835010528564},{"id":"https://openalex.org/keywords/computer-science","display_name":"Computer science","score":0.7082300782203674},{"id":"https://openalex.org/keywords/denial-of-service-attack","display_name":"Denial-of-service attack","score":0.5791000723838806},{"id":"https://openalex.org/keywords/enforcement","display_name":"Enforcement","score":0.565035343170166},{"id":"https://openalex.org/keywords/security-policy","display_name":"Security policy","score":0.5521062612533569},{"id":"https://openalex.org/keywords/certified-information-systems-security-professional","display_name":"Certified Information Systems Security Professional","score":0.48097124695777893},{"id":"https://openalex.org/keywords/trust-management","display_name":"Trust management (information system)","score":0.4788375198841095},{"id":"https://openalex.org/keywords/process","display_name":"Process (computing)","score":0.4701652228832245},{"id":"https://openalex.org/keywords/order","display_name":"Order (exchange)","score":0.45488858222961426},{"id":"https://openalex.org/keywords/internet-of-things","display_name":"Internet of Things","score":0.4306776225566864},{"id":"https://openalex.org/keywords/the-internet","display_name":"The Internet","score":0.36520063877105713},{"id":"https://openalex.org/keywords/security-service","display_name":"Security service","score":0.2023625373840332},{"id":"https://openalex.org/keywords/information-security","display_name":"Information security","score":0.18721917271614075},{"id":"https://openalex.org/keywords/network-security-policy","display_name":"Network security policy","score":0.1738002896308899},{"id":"https://openalex.org/keywords/business","display_name":"Business","score":0.14727601408958435},{"id":"https://openalex.org/keywords/world-wide-web","display_name":"World Wide Web","score":0.11821568012237549}],"concepts":[{"id":"https://openalex.org/C46304622","wikidata":"https://www.wikidata.org/wiki/Q374814","display_name":"Certification","level":2,"score":0.806495189666748},{"id":"https://openalex.org/C38652104","wikidata":"https://www.wikidata.org/wiki/Q3510521","display_name":"Computer security","level":1,"score":0.7980761528015137},{"id":"https://openalex.org/C22735295","wikidata":"https://www.wikidata.org/wiki/Q317671","display_name":"Botnet","level":3,"score":0.7453835010528564},{"id":"https://openalex.org/C41008148","wikidata":"https://www.wikidata.org/wiki/Q21198","display_name":"Computer science","level":0,"score":0.7082300782203674},{"id":"https://openalex.org/C38822068","wikidata":"https://www.wikidata.org/wiki/Q131406","display_name":"Denial-of-service attack","level":3,"score":0.5791000723838806},{"id":"https://openalex.org/C2779777834","wikidata":"https://www.wikidata.org/wiki/Q4202277","display_name":"Enforcement","level":2,"score":0.565035343170166},{"id":"https://openalex.org/C154908896","wikidata":"https://www.wikidata.org/wiki/Q2167404","display_name":"Security policy","level":2,"score":0.5521062612533569},{"id":"https://openalex.org/C169537543","wikidata":"https://www.wikidata.org/wiki/Q1056312","display_name":"Certified Information Systems Security Professional","level":5,"score":0.48097124695777893},{"id":"https://openalex.org/C2776384856","wikidata":"https://www.wikidata.org/wiki/Q17145767","display_name":"Trust management (information system)","level":2,"score":0.4788375198841095},{"id":"https://openalex.org/C98045186","wikidata":"https://www.wikidata.org/wiki/Q205663","display_name":"Process (computing)","level":2,"score":0.4701652228832245},{"id":"https://openalex.org/C182306322","wikidata":"https://www.wikidata.org/wiki/Q1779371","display_name":"Order (exchange)","level":2,"score":0.45488858222961426},{"id":"https://openalex.org/C81860439","wikidata":"https://www.wikidata.org/wiki/Q251212","display_name":"Internet of Things","level":2,"score":0.4306776225566864},{"id":"https://openalex.org/C110875604","wikidata":"https://www.wikidata.org/wiki/Q75","display_name":"The Internet","level":2,"score":0.36520063877105713},{"id":"https://openalex.org/C29983905","wikidata":"https://www.wikidata.org/wiki/Q7445066","display_name":"Security service","level":3,"score":0.2023625373840332},{"id":"https://openalex.org/C527648132","wikidata":"https://www.wikidata.org/wiki/Q189900","display_name":"Information security","level":2,"score":0.18721917271614075},{"id":"https://openalex.org/C117110713","wikidata":"https://www.wikidata.org/wiki/Q3394676","display_name":"Network security policy","level":4,"score":0.1738002896308899},{"id":"https://openalex.org/C144133560","wikidata":"https://www.wikidata.org/wiki/Q4830453","display_name":"Business","level":0,"score":0.14727601408958435},{"id":"https://openalex.org/C136764020","wikidata":"https://www.wikidata.org/wiki/Q466","display_name":"World Wide Web","level":1,"score":0.11821568012237549},{"id":"https://openalex.org/C199539241","wikidata":"https://www.wikidata.org/wiki/Q7748","display_name":"Law","level":1,"score":0.0},{"id":"https://openalex.org/C17744445","wikidata":"https://www.wikidata.org/wiki/Q36442","display_name":"Political science","level":0,"score":0.0},{"id":"https://openalex.org/C111919701","wikidata":"https://www.wikidata.org/wiki/Q9135","display_name":"Operating system","level":1,"score":0.0},{"id":"https://openalex.org/C10138342","wikidata":"https://www.wikidata.org/wiki/Q43015","display_name":"Finance","level":1,"score":0.0}],"mesh":[],"locations_count":3,"locations":[{"id":"doi:10.1109/giots.2017.8016273","is_oa":false,"landing_page_url":"https://doi.org/10.1109/giots.2017.8016273","pdf_url":null,"source":null,"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"2017 Global Internet of Things Summit (GIoTS)","raw_type":"proceedings-article"},{"id":"pmh:oai:publications.jrc.ec.europa.eu:111111111/47843","is_oa":false,"landing_page_url":"http://ieeexplore.ieee.org/document/8016273/","pdf_url":null,"source":{"id":"https://openalex.org/S4306401126","display_name":"Joint Research Centre (European Commission)","issn_l":null,"issn":null,"is_oa":false,"is_in_doaj":false,"is_core":false,"host_organization":"https://openalex.org/I2800387288","host_organization_name":"European Commission","host_organization_lineage":["https://openalex.org/I2800387288"],"host_organization_lineage_names":[],"type":"repository"},"license":null,"license_id":null,"version":"submittedVersion","is_accepted":false,"is_published":false,"raw_source_name":"","raw_type":"Articles in periodicals and books"},{"id":"pmh:oai:publications.jrc.ec.europa.eu:111111111/48104","is_oa":false,"landing_page_url":"http://publications.jrc.ec.europa.eu/repository/handle/JRC106530","pdf_url":null,"source":{"id":"https://openalex.org/S4306401126","display_name":"Joint Research Centre (European Commission)","issn_l":null,"issn":null,"is_oa":false,"is_in_doaj":false,"is_core":false,"host_organization":"https://openalex.org/I2800387288","host_organization_name":"European Commission","host_organization_lineage":["https://openalex.org/I2800387288"],"host_organization_lineage_names":[],"type":"repository"},"license":null,"license_id":null,"version":"submittedVersion","is_accepted":false,"is_published":false,"raw_source_name":"","raw_type":"Articles in periodicals and books"}],"best_oa_location":null,"sustainable_development_goals":[{"display_name":"Peace, Justice and strong institutions","id":"https://metadata.un.org/sdg/16","score":0.7099999785423279}],"awards":[],"funders":[],"has_content":{"pdf":false,"grobid_xml":false},"content_urls":null,"referenced_works_count":10,"referenced_works":["https://openalex.org/W877640216","https://openalex.org/W2008697499","https://openalex.org/W2058858100","https://openalex.org/W2074709832","https://openalex.org/W2084541517","https://openalex.org/W2115105266","https://openalex.org/W2146097632","https://openalex.org/W2252331149","https://openalex.org/W2480459441","https://openalex.org/W2587189906"],"related_works":["https://openalex.org/W2294483539","https://openalex.org/W2378449000","https://openalex.org/W3187581118","https://openalex.org/W2938399969","https://openalex.org/W2616994865","https://openalex.org/W3143747655","https://openalex.org/W2002178493","https://openalex.org/W2901835651","https://openalex.org/W4230824443","https://openalex.org/W2292210693"],"abstract_inverted_index":{"The":[0],"fast":[1],"growing":[2],"rate":[3],"of":[4,54,71,77,137],"the":[5,15,33,130,135,151],"IoT":[6,55,72,114],"systems":[7,23],"with":[8],"strong":[9],"pressure":[10],"to":[11,42,47,68,85,111],"put":[12],"devices":[13,56,73],"on":[14,58,92,142],"market":[16],"as":[17,19,29],"soon":[18],"possible":[20],"makes":[21],"these":[22,44,104],"vulnerable":[24,113],"targets":[25],"for":[26,150],"cyber":[27],"criminals,":[28],"recently":[30],"seen":[31],"in":[32,83,109,161],"Mirai":[34],"botnet":[35],"Distributed":[36],"Denial-of-Service":[37],"(DDoS)":[38],"attack.":[39],"A":[40],"way":[41],"mitigate":[43],"threats":[45],"is":[46],"enforce":[48],"a":[49,75,147],"comprehensive":[50],"security":[51,122],"certification":[52,70,88],"process":[53],"based":[57],"common":[59],"standards.":[60],"In":[61],"this":[62],"paper,":[63],"we":[64,102,145],"present":[65,146],"an":[66],"approach":[67,139],"improve":[69],"using":[74,106],"combination":[76],"model-based":[78],"testing":[79],"and":[80,90,117,123],"policy-based":[81],"management":[82],"order":[84,110],"detect":[86],"post":[87],"vulnerabilities":[89],"act":[91],"them":[93],"by":[94,129],"introducing":[95],"runtime":[96],"policy":[97,107],"enforcement":[98,108],"capabilities.":[99],"More":[100],"precisely,":[101],"address":[103],"attacks":[105],"correct":[112],"device":[115,131],"behavior":[116],"protect":[118],"users":[119],"even":[120],"if":[121],"privacy":[124],"were":[125],"not":[126],"properly":[127],"addressed":[128],"manufactures.":[132],"We":[133],"describe":[134],"details":[136],"our":[138,156],"and,":[140],"focusing":[141],"authorization":[143],"vulnerabilities,":[144],"case":[148],"study":[149],"oneM2M":[152],"standard":[153],"showing":[154],"how":[155],"solution":[157],"can":[158],"be":[159],"applied":[160],"practice.":[162]},"counts_by_year":[{"year":2024,"cited_by_count":2},{"year":2023,"cited_by_count":1},{"year":2022,"cited_by_count":2},{"year":2021,"cited_by_count":1},{"year":2020,"cited_by_count":2},{"year":2018,"cited_by_count":1},{"year":2017,"cited_by_count":1}],"updated_date":"2026-03-20T23:20:44.827607","created_date":"2025-10-10T00:00:00"}